Hide message details in headers?

[craiga]

I've been trying to ensure all sensitive data we send to our queue is encrypted, which includes some short-lived tokens I send by email.

kombu-fernet-serializers is doing a great job of encrypting the bodies of messages, but it doesn't encrypt message headers.

Celery messages include argsrepr and kwargsrepr headers (the structure of these messages is documented here), which in django-celery-email's case, results in a lot of the detail of each message being logged.

Celery have recommendations on how to hide these arguments, but I can't figure out how I can hide them without subclassing the backend like this:

from django.conf import settings

from djcelery_email import backends
from djcelery_email.tasks import send_emails
from djcelery_email.utils import chunked, email_to_dict


class CeleryEmailBackend(backends.CeleryEmailBackend):
    def send_messages(self, email_messages):
        result_tasks = []
        for chunk in chunked(email_messages, settings.CELERY_EMAIL_CHUNK_SIZE):
            chunk_messages = [email_to_dict(msg) for msg in chunk]
            result_tasks.append(
                send_emails.apply_async(
                    (chunk_messages, self.init_kwargs),
                    argsrepr="(django-celery-email messages)",
                )
            )

        return result_tasks

I'd be happy to work on a PR to make this possible, but I'm not sure what the best way to proceed would be. A setting to hide args? A setting to specify extra kwargs to apply_async?

Looking forward to hearing your feedback!